/**
 * 
 */
package com.zhengxing.jienci.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import com.zhengxing.jienci.authentication.mobile.SmsCodeAuthenticationSecurityConfig;
import com.zhengxing.jienci.authentication.openid.OpenIdAuthenticationSecurityConfig;
import com.zhengxing.jienci.properties.SecurityConstants;
import com.zhengxing.jienci.properties.SecurityProperties;
import com.zhengxing.jienci.validateCode.ValidateCodeSecurityConfig;


/**
*yyh
*/
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

	@Autowired
	protected AuthenticationSuccessHandler jienciAuthenticationSuccessHandler;
	
	@Autowired
	protected AuthenticationFailureHandler jienciAuthenticationFailureHandler;
	
	@Autowired
	private SmsCodeAuthenticationSecurityConfig smsCodeAuthenticationSecurityConfig;

	
	@Autowired
	private OpenIdAuthenticationSecurityConfig openIdAuthenticationSecurityConfig;
	
	@Autowired
	private ValidateCodeSecurityConfig validateCodeSecurityConfig;
	
//	@Autowired
//	private SpringSocialConfigurer jienciSocialSecurityConfig;
	
	@Autowired
	private SecurityProperties securityProperties;


    /**
     * 方法实现说明:用于构建用户认证组件(AuthenticationManagerBuilder,这里典型的是一个建造者模式),
     * 需要传递userDetailsService和密码加密器
     */
//    @Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        //这里的userDetailService接口是spring security的 我们需要自己
//        //写接口来实现，我们在TulingUserDetailService中 查询数据库信息来进行获取用户信息
//        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
//    }


    /**
     * 密码加密器组件
     * @return
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * 上面的configure真正的构建好了我们的AuthenticationManagerBuilder 我们在这里
     * 需要通过建造者 构建我们的AuthenticationManager对象
     * @return
     * @throws Exception
     */
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
    	return super.authenticationManagerBean();
    }
    
    @Override
    protected void configure(HttpSecurity http) throws Exception {
    	http.formLogin()
		.loginPage(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
		.loginProcessingUrl(SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_FORM)
		.successHandler(jienciAuthenticationSuccessHandler)
		.failureHandler(jienciAuthenticationFailureHandler);
	
	http.apply(validateCodeSecurityConfig)
			.and()
		.apply(smsCodeAuthenticationSecurityConfig)
			.and()
		//.apply(imoocSocialSecurityConfig)
		//	.and()
		.apply(openIdAuthenticationSecurityConfig)
			.and()
		.authorizeRequests()
			.antMatchers(
				SecurityConstants.DEFAULT_UNAUTHENTICATION_URL,
				SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_MOBILE,
				SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_OPENID,
//				securityProperties.getBrowser().getLoginPage(),
				SecurityConstants.DEFAULT_VALIDATE_CODE_URL_PREFIX+"/*")
//				securityProperties.getBrowser().getSignUpUrl(),
//				securityProperties.getBrowser().getSession().getSessionInvalidUrl(),
//				securityProperties.getBrowser().getSignOutUrl(),
//				"/user/regist", "/social/signUp")
				.permitAll()
			.anyRequest()
			.authenticated()
			.and()
		.csrf().disable();
    }

}

